Newsweek reports login credentials or information on more than 3,000 Congressional staffers has been leaked on the dark web as a result of various leaks or breaches. Internet security firm Proton found over 1,800 passwords used by staffers in Congress available on the dark web, through an investigation of exposed accounts among U.S. political staffers, according to The Washington […]
KWCH in Kansas reports what sounds like a ransomware attack: The City of Arkansas City maintains that drinking water is safe in the city after a cyberattack on Sunday. Shana Adkisson, communications director with the City of Arkansas City, said around 5:30 a.m. on Sunday, an employee at the water treatment facility noticed that a […]
Days after customers started complaining about outages, MoneyGram has confirmed that it was the victim of a cyberattack. Bleeping Computer reports: “MoneyGram recently identified a cybersecurity issue affecting certain of our systems,” reads the announcement. “Upon detection, we immediately launched an investigation and took protective steps to address it, including proactively taking systems offline, which […]
New data breach reporting and mitigation requirements go into effect in Pennsylvania on September 26, and there is a new portal for reporting breaches to the state. Lawyers at SheppardMullin provide a timely reminder: Pennsylvania AG Michelle Henry announced yesterday the launch of an online portal for businesses to report data breaches to the AG’s office. The […]
CBS News reports: AT&T has agreed to pay $13 million to settle a federal investigation into whether the mobile phone service provider failed to protect customer information in connection with a data breach last year, the Federal Communications Commission said Tuesday. The FCC’s probe focused on how AT&T’s privacy, cybersecurity and vendor management practices […]
Update of December 5: A federal judge granted early approval to a $30 million settlement. The case is In re 23andMe Inc Customer Data Security Breach Litigation, U.S. District Court, Northern District of California, No. 24-md-03098. The official settlement website will be at https://www.23andmedatasettlement.com/ where those affected can get information on who is eligible to […]
Released: September 12, 2024 WASHINGTON – Today, as part of their public service announcement (PSA) series to put potential election day cyber related disruptions during the 2024 election cycle into context for the American people, the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) jointly issued the Just So You Know: False Claims of Hacked Voter […]
A hacker claims to have stolen 440 GB of data from cybersecurity firm Fortinet, exploiting an Azure SharePoint vulnerability. The breach, dubbed “Fortileak,” was revealed on a forum with access credentials shared online. HackRead reports: Dubbed Fortileak by the hacker, the breach allegedly originates from an exposure in Fortinet’s Azure SharePoint instance. In the forum post, the […]
A blockbuster proposed settlement has been announced involving a ransomware attack last year. The ransomware attack by BlackCat resulted in 134,000 patients of Lehigh Valley Health Network having their data accessed, exfiltrated, and in some cases, leaked online. Distressingly, the threat actors cruelly leaked nude photos of identifiable cancer patients as part of the incident. […]
If you rented a car from Avis, you may be receiving a notification letter about an August data breach they experienced. Bleeping Computer explains: American car rental giant Avis notified customers that unknown attackers breached one of its business applications last month and stole some of their personal information. According to data breach notification letters sent to […]
